0

I'm using a middleware choosing the content depending on domain, but only in one of them sessions are being stored. The ideia is not share sessions between them. Each domain has to have it's sessions.

Example of problem is that CSRF tokens refresh on each reload.

I've tried set the configurations for each domain (cookie name, path, domain) and tried cookies, files and database. None of this worked.

Part of middleware code:

config([
    'session.domain' => $domain,
    'session.cookie' => $slugDomain . '_session',
    'session.path' => '/' . $slugDomain
]);
Madhuri Patel
  • 1,270
  • 12
  • 24
Gabriel Jacinto
  • 81
  • 1
  • 7

1 Answers1

0

I found the problem. Occurs that the middleware was modifying the URI, but with two bars at the end of the URI. The controllers were being executed normaly, but because of the double bars at the end of the URI sessions were not being persisted.

The new code:

//...
    $newReq = $request->duplicate();
    $newPath = '/store' . (substr($request->path(), 0, 1) === '/' ? '' : '/') . $request->path();
    $newReq->server->set('REQUEST_URI', $newPath);

    return $next($newReq);

$newPath before was

$newPath = '/store/' . $request->path();
Gabriel Jacinto
  • 81
  • 1
  • 7